[Secdispatch] Oblivious HTTP charter draft

Martin Thomson <mt@lowentropy.net> Thu, 18 March 2021 01:24 UTC

Message-Id: <8e53426d-857e-4dd9-a9d0-b907c415abec@www.fastmail.com>
Date: Thu, 18 Mar 2021 12:24:33 +1100
From: Martin Thomson <mt@lowentropy.net>
To: secdispatch@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/p4rraUKtiTJenEqXWIFupNiv3ws>
Subject: [Secdispatch] Oblivious HTTP charter draft

Hi everyone,

As we discussed last week, Oblivious HTTP was dispatched to a new working group.  I've a proposal for charter text below.

After discussing with a few people, it seems like the SEC area is the best venue for this work.  It's security-focused work and this area has the best expertise in that area.  However, as noted, this will require coordination with HTTP and DPRIVE.  The former to ensure that we aren't abusing their protocol (or at least not TOO badly) and the latter to ensure that this is usable for their purposes.

Read the current text or contribute text at https://github.com/unicorn-wg/ohttp-charter

---
# Oblivious HTTP Working Group (OHTTP) Charter

In a number of different settings, interactions between clients and servers involve information that could be sensitive when associated with client identity.

Client-server protocols like HTTP reveal aspects of client identity to servers through these interactions, especially source addresses. Even without client identity, a server might be able to build a profile of client activity by correlating requests from the same client over time.

In a setting where the information included in requests does not need to be correlated, the Oblivious HTTP protocol allows a server to accept requests via a proxy. The proxy ensures that the server cannot see source addressing information for clients, which prevents servers linking requests to the same client. Encryption ensures that the proxy is unable to read requests or responses.

The OHTTP working group will define the Oblivious HTTP protocol, a method of encapsulating HTTP requests and responses that provides protected, low-latency exchanges. The working group will define any encryption scheme necessary and supporting data formats for carrying encapsulated requests and responses, plus any key configuration that might be needed to use the protocol.

The OHTTP working group will include an applicability statement that documents the limitations of this design and any usage constraints that are necessary to ensure that the protocol is secure.

The working group will define a format for any encryption keys that are needed. The working group will not describe how encryption keys are obtained. The working group will not define any methods for discovering proxy or server endpoints; specific uses of the protocol will need to describe discovery methods or rely on configuration.

The OHTTP working group will work closely with other groups that develop the tools that OHTTP depends on (HTTPbis for HTTP, CFRG for HPKE) or that might use Oblivious HTTP (DPRIVE for DNS over HTTPS).

The working group will use draft-thomson-http-oblivious as input.